Authoritative name servers affect users in ways they cannot avoid or work around, so the primary concern for operators of authoritative name servers when considering changes to the DNS protocol or transport must be to weigh operational risk to availability. Standards developers should assess whether adding a feature to the protocol or transport introduces a significant attack vector that increases the risk of attacks against the name servers (principally DDoS, which is the most prominent risk, but other vectors warrant concern).
The DPRIVE charter [1] makes an important observation regarding the question of DNS encryption at the authoritative name server: "There are numerous aspects that differ between DNS exchanges with an iterative resolver and exchanges involving DNS root/authoritative servers." As Bert Hubert so eloquently put it in his "DNS Camel" talk to the DNSOP working group and subsequent blog post earlier this year [2]: "...with the rise in complexity and the decrease in the number of capable contributors, the inevitable result is a drop in quality." These points suggest a need for a profile of encryption standards that sufficiently mitigates operational risk to authoritative name servers while protecting end user privacy.

[1] https://datatracker.ietf.org/doc/charter-ietf-dprive/
[2] https://blog.apnic.net/2018/03/29/the-dns-camel/
